https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • b

    bumpy-beach-79487

    05/28/2020, 2:59 PM
    Hi there guys, I'm wondering if it is posible to use
    helm_secrets
    with Pulumi ?
    b
    • 2
    • 10
  • b

    brash-manchester-88595

    05/28/2020, 3:15 PM
    error: post-step event returned an error: failed to normalize URN references: Two resources ('<urn1>' '<urn2>') aliased to the same: '<urn3>'
    this is only detected during execution, could this be made a planning phase detection? Possibly relevant: one of those resources was being imported. It breaks the import, leaving the to-be-imported resources in state ‘unknown’, requiring manual stack edits..
  • b

    bitter-island-28909

    05/28/2020, 7:15 PM
    Just started getting a perplexing error. Creating a standard security group, just like I have with Pulumi a dozen times before, and started getting this error:
    Error authorizing security group ingress rules: InvalidPermission.Malformed: Unsupported IP protocol "-1"  - supported: [tcp, udp, icmp]
    g
    • 2
    • 16
  • a

    able-beard-29160

    05/28/2020, 7:33 PM
    Folks, is there a way, or maybe a workaround that you're aware of, to initialize the contents of a GitLab repository when using the GitLab provider? I'm trying to create GitLab repos from Pulumi, but also "seed" them with an initial structure.
    • 1
    • 1
  • w

    wonderful-dog-9045

    05/28/2020, 9:10 PM
    How can I destroy target dependants without the target itself? (This includes the target
    pulumi destroy --target-dependents -t  urn:pulumi:dev::leaderboard::aws:ebs/volume:Volume::leaderboard-dev
    )
  • m

    millions-furniture-75402

    05/28/2020, 9:12 PM
    I’m trying to spin up a Cloudformation Stack from a template, and it’s timing out after 20 minutes, even though I’ve set the
    timeoutInMinutes
    in the args. Am I missing something?
    new aws.cloudformation.Stack(`${name}-cfn`, {
      parameters: { ... },
      capabilities: ["CAPABILITY_IAM"],
      timeoutInMinutes: 120
    }
    The exact error:
    aws:cloudformation:Stack (controller-tableau-cfn):
        error: 1 error occurred:
            * creating urn:pulumi:controller::shared-infra-controller::aws:cloudformation/stack:Stack::controller-tableau-cfn: timeout while waiting for state to become 'CREATE_COMPLETE, CREATE_FAILED, DELETE_COMPLETE, DELETE_FAILED, ROLLBACK_COMPLETE, ROLLBACK_FAILED' (last state: 'CREATE_IN_PROGRESS', timeout: 20m0s)
    f
    • 2
    • 3
  • h

    handsome-football-37974

    05/28/2020, 9:33 PM
    Are there any companies providing SLAs and CTO-in-a-Box like pro services for Pulumi orchestrated infrastructure?
    c
    • 2
    • 2
  • v

    victorious-vase-44805

    05/28/2020, 9:35 PM
    I am having an issue installing Rancher on a freshly created cluster (that was spun up using jaxxstorm/pulumi-rke). I get the following: kubernetes:certmanager.k8s.io:Issuer (rancher/rancher): error: creation of resource rancher/rancher failed because the Kubernetes API server reported that the apiVersion for this resource does not exist. Verify that any required CRDs have been created: no matches for kind “Issuer” in version “certmanager.k8s.io/v1alpha1”
    export function setUpK8sProvider(rkeCluster: rke.Cluster): k8s.Provider {
      return new k8s.Provider("rancherCluster", {
        cluster: rkeCluster.clusterName,
        kubeconfig: rkeCluster.kubeConfigYaml
      }, { dependsOn: rkeCluster })
    }
    
    export function createNamespace(clusterProvider: k8s.Provider): k8s.core.v1.Namespace {
      return new k8s.core.v1.Namespace("cert-manager", {
        metadata: {
          name: "cert-manager",
          labels: {"<http://certmanager.k8s.io/disable-validation|certmanager.k8s.io/disable-validation>": "true" }
        }
      }, { provider: clusterProvider, dependsOn: [clusterProvider] })
    }
    
    export function createCertManager(certManagerNamespace: k8s.core.v1.Namespace, clusterProvider: k8s.Provider): k8s.helm.v3.Chart {
      return new k8s.helm.v2.Chart(
        'cert-manager',
        {
          chart: 'cert-manager',
          version: 'v0.15.1',
          namespace: certManagerNamespace.metadata.name,
          values: {
            installCRDs: true,
          },
          fetchOpts: {
            repo: '<https://charts.jetstack.io>',
          },
        },
        {
          dependsOn: certManagerNamespace,
          provider: clusterProvider
        },
      );
    }
    
    export function createRancherServer(serverName: string, clusterProvider: k8s.Provider, certManager: k8s.helm.v3.Chart): k8s.helm.v3.Chart {
      let namespace = new k8s.core.v1.Namespace("rancher", {
        metadata: {
          name: "rancher",
        }
      }, { provider: clusterProvider, dependsOn: [certManager] })
    
      return new k8s.helm.v2.Chart(serverName, {
        chart: "rancher",
        namespace: namespace.metadata.name,
        fetchOpts: {
          repo: "<https://releases.rancher.com/server-charts/stable>"
        },
        values: {
          "hostname": "<http://rancher.mydomain.com|rancher.mydomain.com>",
          "ingress.tls.source": "letsEncrypt",
          "letsEncrypt.email": "<mailto:myemail@mydomain.com|myemail@mydomain.com>"
        }
      }, { provider: clusterProvider, dependsOn: [namespace] })
    }
    Any idea where I’m going wrong perhaps?
    c
    b
    • 3
    • 5
  • m

    millions-judge-24978

    05/29/2020, 5:36 AM
    Is there any way to specify a retry/timeout for
    get()
    methods like
    k8s.core.v1.Service.get
    ? Imagine creating an operator with pulumi, and needing some info about a
    Service
    that it will create as a result.
    a
    • 2
    • 3
  • a

    alert-restaurant-79151

    05/29/2020, 9:08 AM
    Fun times, if you change the name of some content of a bucket it will first create the new content then delete the old one, but because these both refer a file at the same location in the bucket it will actually replace and then delete cause the bucket content to be deleted
    • 1
    • 1
  • d

    dazzling-sundown-39670

    05/29/2020, 11:31 AM
    All my external IPs in k8s are pending, what am I missing?
    b
    • 2
    • 13
  • m

    millions-furniture-75402

    05/29/2020, 12:53 PM
    Is there a resource for community-developed ComponentResources?
    b
    i
    a
    • 4
    • 7
  • e

    enough-kite-69616

    05/29/2020, 3:02 PM
    How do I create a secret in a namespace other than default in kubernetes? I've tried giving it the name
    ns/secretname
    like the docs suggest, but it doesn't seem to work
    g
    c
    • 3
    • 4
  • f

    full-dress-10026

    05/29/2020, 8:34 PM
    The AWS documentation uses the URL format "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=master" when telling you how to install their EFS CSI driver. Using that URL in a
    k8s.yaml.ConfigFile
    results in a "no such file or directory" error. Visiting that URL in the browser results in a 404. Does anyone have any idea what this URL format is and if/how it could work with Pulumi?
    b
    • 2
    • 8
  • m

    mammoth-oyster-21227

    05/29/2020, 9:59 PM
    Hello. Is there any way to console.log
    pulumi.output
    ? I’m catching strange behaviour very often and there is no way to debug stacks.
    l
    w
    • 3
    • 2
  • f

    full-dress-10026

    05/29/2020, 10:36 PM
    Is there a property that lets you get the security group ID of the EKS created security group on a worker node created with aws.eks.NodeGroup?
    • 1
    • 6
  • c

    curved-pharmacist-41509

    05/30/2020, 5:47 AM
    Is there any guidance for integrating 'build' tasks into Pulumi. Lets just say extending the S3 static site with the generation step, similar how the docker tasks will build the image for you
    w
    • 2
    • 2
  • w

    wonderful-dog-9045

    05/30/2020, 7:24 AM
    I get "InvalidParameterException: Invalid Region in ARN" when doing
    pulumi destroy
    . Checked the yaml and the region is correct. I think it may have been caused by me changing the region and the attempting a
    pulumi up
    that failed. Now, no matter what region i set in the config, it gives that error. Can anyone help please?
    w
    • 2
    • 1
  • f

    fast-ice-1848

    05/30/2020, 9:25 AM
    hi folks, i tried to deploy AKS cluster on Azure Gov and got this error
    Addon 'azurepolicy' is not supported in this cloud environment.
    It comes from terraform azure provider, doesn't it? Is there any solution or work around available? Thanks
    w
    g
    • 3
    • 8
  • a

    able-beard-29160

    05/30/2020, 4:32 PM
    Is there a way to have per-project logins? For example, one project uses a local login, while another uses the Pulumi service. Right now I have to remember to switch logins everytime I go to a new directory/project.
    w
    l
    • 3
    • 4
  • d

    dazzling-sundown-39670

    05/30/2020, 5:22 PM
    I'm in some weird state. When I do
    pulumi up
    this one is stuck here:
    -   └─ kubernetes:<http://apiextensions.k8s.io:CustomResourceDefinition|apiextensions.k8s.io:CustomResourceDefinition>  <http://challenges.acme.cert-manager.io|challenges.acme.cert-manager.io>  deleting     completing deletion from previous update
    If I export the stack I can't see any
    pending_operations
    and if I try to manually run
    helm uninstall cert-manager
    I can see that it's not even installed. I've also tried running
    pulumi refresh
    and just
    pulumi stack export | pulumi stack import
    but it doesn't help
    b
    • 2
    • 5
  • a

    able-beard-29160

    05/30/2020, 5:56 PM
    I'm trying to use the GitLab provider with a private GitLab instance via VPN, but although I've configured the
    gitlab:token
    and
    gitlab:base_url
    config values, I get a network error:
    error: Get "<https://gitlab.company.com/api/v4/user>": dial tcp: lookup <http://gitlab.company.com|gitlab.company.com> on 8.8.8.8:53: no such host
    Where company.com is the redacted version of my actual host. I've double checked using cURL that I can access the instance given the access token that Pulumi uses and it all works great. Any ideas?
    g
    b
    • 3
    • 11
  • a

    able-beard-29160

    05/30/2020, 9:55 PM
    I've tried to use the
    pulumi/pulumi
    Docker image in my CI/CD process, but I've noticed its size is approximately 3GB 😲. Now, I'll probably build my own slimmer image, but I'm curious, if I'm using Pulumi with a TypeScript project, what runtime dependencies do I need except the Pulumi executable and nodejs? Let's say I'm only targeting Azure in my code. Will I need the
    az
    executable to be present on
    PATH
    too?
    b
    • 2
    • 5
  • s

    sticky-thailand-14236

    05/30/2020, 11:36 PM
    Hey guys/gals, is there away to periodically update deployments (kubernetes)? basically pull a new "latest" image and deploy.
    k
    a
    • 3
    • 6
  • b

    blue-businessperson-90950

    05/31/2020, 10:08 AM
    I just discovered Pulumi and i am investigating on how to map this https://github.com/gruntwork-io/terragrunt-infrastructure-live-example in Pulumi. I am thinking about how to structure my project directory in stacks. I was reading https://www.pulumi.com/docs/intro/concepts/organizing-stacks-projects/ but really there is no single multi environment/multi region project example. I think it will be useful to create an example project that map to https://github.com/gruntwork-io/terragrunt-infrastructure-live-example because it is a usual terraform/terragrunt structure.
    b
    c
    • 3
    • 4
  • c

    cuddly-lizard-88530

    05/31/2020, 1:45 PM
    What are the strategies for deploying lambda functions written in TypeScript in a large project? I’m getting some weird transpilation issues. But also it looks like all of the production dependencies are being bundled, regardless if they are used or not. Surely that’s not efficient. Would bundling with webpack first be the go to approach?
  • b

    big-island-38073

    05/31/2020, 10:34 PM
    Is there a way to use pulumi to drive straight
    docker run
    commands with different
    docker context
    's? - or alternatively any docker-compose like utility? (I understand this is not a primary/intended use case)
  • l

    late-agency-42012

    06/01/2020, 1:20 AM
    anyone had success importing an aws vpc?
    f
    • 2
    • 1
  • b

    big-dress-78008

    06/01/2020, 3:51 AM
    Is there a
    dry-run
    mode in Pulumi?
    a
    • 2
    • 2
  • d

    dazzling-sundown-39670

    06/01/2020, 8:39 AM
    So now when I have my stack up and running with k8s and everything I need. How would I go about deploying helm charts to it from another repo? What's best practice here? Should I just copy my kubeconfigs etc to github secrets as I did before pulumi for running my CD?
    b
    • 2
    • 1
Powered by Linen
Title
d

dazzling-sundown-39670

06/01/2020, 8:39 AM
So now when I have my stack up and running with k8s and everything I need. How would I go about deploying helm charts to it from another repo? What's best practice here? Should I just copy my kubeconfigs etc to github secrets as I did before pulumi for running my CD?
b

billowy-army-68599

06/01/2020, 5:43 PM
hey Max! If you provisioned your cluster with pulumi, a common pattern is to have the kubeconfig be an
Output
and then pass it through to the kubernetes provider as a
StackReference
. I can send an example if this looks like a good approach
👍 1
View count: 1